Malicious Firefox Add-on Spies On Google Search Results
Trend Micro reports the discovery of a spyware (detected as TSPY_EBOD.A by Trend Micro) purporting to be an Adobe Flash Player update. Upon execution, the spyware creates a Firefox add-on called “Adobe Flash Player 0.2,” the installer of which uses JavaScript (detected as JS_EBOD.A) and appears to spread via forum posts.
The add-on injects ads into the user’s Google search results pages. More disturbing, however, is its capability to monitor the user’s browsing activities, particularly his/her Google search queries using the Firefox browser. It then sends the information it gathers to http://******jupdate.com.
Malware targeting Internet Explorer is probably one of the reasons why a huge number of users are opting to use alternative browsers such as Firefox, Chrome, Safari, and Opera instead. Though this used to be considered a safe computing practice before, it seems it no longer is with the proliferation of malware targeting the most popular alternative Internet browser, Firefox.
Users should be wary, as always, of downloading updates from unknown sources. They should also note that no browser is safe from malicious attacks as cybercriminals will do just about anything to infect users with their malicious code.
Credit: TrendLabs Malware Blog by Trend Micro
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.